Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ZXPXf7BQRDvK-Ev7Ja0J_aJPHoQ.roa
File: ZXPXf7BQRDvK-Ev7Ja0J_aJPHoQ.roa (raw, json)
Hash identifier: jC2qcP+PCEVazgGNrq4OMQIQbxE0U8qfxiX6dG4hzcw=
Subject key identifier: 65:73:D7:7F:B0:50:44:3B:CA:F8:4B:FB:25:AD:09:FD:A2:4F:1E:84
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 01928268FEC14733E77008F6FE0508879C7E
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ZXPXf7BQRDvK-Ev7Ja0J_aJPHoQ.roa
Signing time: Sat 12 Oct 2024 20:26:11 +0000
ROA not before: Sat 12 Oct 2024 20:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0d:cdc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Nov 2024 09:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:82:68:fe:c1:47:33:e7:70:08:f6:fe:05:08:87:9c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Oct 12 20:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6573d77fb050443bcaf84bfb25ad09fda24f1e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:2f:d8:a7:61:1c:4b:b6:20:43:19:08:08:
dc:5f:8d:92:4c:1c:2f:c5:9d:80:9f:66:c0:cd:ec:
a5:06:a4:2b:d8:1f:6e:dd:5b:c4:d9:84:a9:4d:f0:
46:22:d7:20:4b:89:5d:65:bf:83:7a:56:8e:b7:14:
42:85:f9:15:39:2a:24:79:73:27:79:f3:20:14:c1:
44:82:1a:d9:1b:f7:12:46:d3:a9:c6:7c:bc:71:9f:
ec:7d:67:3b:c3:82:23:a3:f5:b8:34:50:ee:df:ee:
4c:db:4d:18:78:9e:5d:48:cf:42:45:70:45:db:fe:
ad:a0:f3:3d:24:c2:55:bb:81:b0:3e:c5:59:f7:65:
18:41:b0:d5:47:37:3b:44:cd:87:5c:23:c4:f4:67:
4f:ef:dd:dd:5d:00:c5:d6:14:c7:f3:9a:72:90:41:
ed:05:d9:d8:9a:1f:c8:63:57:83:c6:c2:5d:f0:2e:
bd:99:31:f1:d2:28:41:83:1c:7a:8d:3f:c0:17:4f:
4f:a0:d7:85:81:e9:68:b4:e2:b0:bd:f1:88:8e:20:
08:6b:7b:e8:d2:61:53:78:3a:f2:ae:7e:a9:4a:62:
68:da:5d:4d:41:0a:90:29:05:2e:3a:59:4c:b9:bd:
f5:0b:d2:d9:d5:05:e4:73:2d:82:4f:54:d9:31:61:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:73:D7:7F:B0:50:44:3B:CA:F8:4B:FB:25:AD:09:FD:A2:4F:1E:84
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ZXPXf7BQRDvK-Ev7Ja0J_aJPHoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc5::/32
Signature Algorithm: sha256WithRSAEncryption
47:f7:1f:01:f5:23:ee:0b:cb:2b:ea:3b:f7:33:d5:bd:82:07:
53:25:be:8b:4c:e3:00:fb:35:ad:4a:d3:47:d8:a6:8e:e1:de:
75:4b:9c:0a:a4:bf:09:e1:62:d3:41:54:8b:38:6f:30:c9:dc:
60:1b:a5:ca:d0:fa:e9:77:b0:da:17:a9:ff:93:da:fe:74:0c:
00:fb:6d:eb:c7:42:94:fb:73:18:ba:d9:c5:41:4b:ab:f3:58:
10:7a:b5:da:be:e1:91:9d:a7:c7:c4:9e:a0:0d:cd:81:3d:5b:
6e:f2:5a:9a:75:46:a3:d0:2e:10:10:f6:5f:9d:8c:07:ea:d1:
47:ef:a5:60:0a:f3:f1:3d:4b:98:2c:b4:57:25:d3:fe:a3:c7:
0d:ef:46:b6:71:20:d1:b1:d2:70:65:2c:0d:ef:21:e0:42:68:
4a:06:02:41:8e:4f:e1:7f:6b:dc:80:dc:e9:84:26:7f:b7:45:
7a:d9:98:ae:fe:ba:83:bd:27:90:e8:e5:90:5e:8e:14:57:07:
85:7b:4f:d4:f9:d0:ce:dc:d7:09:a6:ae:7c:77:ea:47:4c:6b:
f8:ba:45:ba:2f:53:e3:0f:5c:ad:3d:b6:35:4c:20:d4:7f:15:
61:2f:03:a6:84:33:1c:b3:92:9c:6c:05:5c:37:09:3e:29:c4:
82:c5:b2:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKCaP7BRzPncAj2/gUIh5x+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQxMDEyMjAyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTczZDc3ZmIwNTA0NDNiY2FmODRiZmIyNWFkMDlmZGEyNGYxZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp04v2KdhHEu2IEMZCAjcX42STBwv
xZ2An2bAzeylBqQr2B9u3VvE2YSpTfBGItcgS4ldZb+DelaOtxRChfkVOSokeXMn
efMgFMFEghrZG/cSRtOpxny8cZ/sfWc7w4Ijo/W4NFDu3+5M200YeJ5dSM9CRXBF
2/6toPM9JMJVu4GwPsVZ92UYQbDVRzc7RM2HXCPE9GdP793dXQDF1hTH85pykEHt
BdnYmh/IY1eDxsJd8C69mTHx0ihBgxx6jT/AF09PoNeFgelotOKwvfGIjiAIa3vo
0mFTeDryrn6pSmJo2l1NQQqQKQUuOllMub31C9LZ1QXkcy2CT1TZMWGcJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGVz13+wUEQ7yvhL+yWtCf2iTx6EMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvWlhQWGY3QlFSRHZLLUV2N0phMEpfYUpQSG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3NxTAN
BgkqhkiG9w0BAQsFAAOCAQEAR/cfAfUj7gvLK+o79zPVvYIHUyW+i0zjAPs1rUrT
R9imjuHedUucCqS/CeFi00FUizhvMMncYBulytD66Xew2hep/5Pa/nQMAPtt68dC
lPtzGLrZxUFLq/NYEHq12r7hkZ2nx8SeoA3NgT1bbvJamnVGo9AuEBD2X52MB+rR
R++lYArz8T1LmCy0VyXT/qPHDe9GtnEg0bHScGUsDe8h4EJoSgYCQY5P4X9r3IDc
6YQmf7dFetmYrv66g70nkOjlkF6OFFcHhXtP1PnQztzXCaaufHfqR0xr+LpFui9T
4w9crT22NUwg1H8VYS8DpoQzHLOSnGwFXDcJPinEgsWyDQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:28 2024 by rpki-client on console-fra.rpki-client.org